Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/LoF8MDTjh_1-hBznVQawJAWPZMQ.roa
File: LoF8MDTjh_1-hBznVQawJAWPZMQ.roa (raw, json)
Hash identifier: f+DI6Ydxe08oruCmrlqoE9TkeMPWRGAHyp2c1dp+1Sk=
Subject key identifier: 2E:81:7C:30:34:E3:87:FD:7E:84:1C:E7:55:06:B0:24:05:8F:64:C4
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F64
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/LoF8MDTjh_1-hBznVQawJAWPZMQ.roa
Signing time: Mon 01 Apr 2024 00:22:36 +0000
ROA not before: Mon 01 Apr 2024 00:22:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3940 (0xf64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 00:22:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2E817C3034E387FD7E841CE75506B024058F64C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:54:51:b9:06:16:0b:88:0e:e1:51:63:0a:a0:
83:ab:7e:82:62:5c:7e:4f:84:3c:e4:c6:aa:0e:5a:
40:e2:3a:b3:82:e6:d9:24:0d:96:ea:eb:fa:f3:95:
69:fc:4b:cd:01:1b:51:91:49:69:1a:43:de:af:c0:
8b:8a:6a:d0:63:0f:59:d9:e3:6d:21:fe:d9:51:54:
95:b7:ab:83:b7:94:5a:34:3d:0f:6d:0d:a6:c2:74:
bb:c4:3d:77:8c:ef:15:c8:45:e4:37:8d:fc:a5:5d:
41:1e:39:43:13:fe:ad:32:73:75:da:7c:12:b9:c4:
26:97:c6:3d:a3:64:95:88:2a:b2:c5:50:fa:88:1e:
c9:24:24:d3:f4:ce:b0:88:c8:fe:ef:aa:f9:c9:fe:
ba:61:24:31:a9:34:49:9d:90:fa:e1:8c:4c:ee:4c:
1d:3b:4f:a3:cc:d4:1e:29:28:56:22:ca:da:68:b8:
93:bc:e1:48:22:2b:63:df:6e:24:45:cc:56:a2:3b:
fc:41:23:1b:2c:1c:7b:cb:9b:ee:66:65:fd:e5:4c:
1d:4e:cb:12:0d:91:2a:3d:29:db:0e:6c:06:ee:56:
bb:3d:4d:0f:ee:e3:95:7c:7d:a4:07:21:2c:c7:28:
34:c4:56:29:5c:68:6c:68:33:d1:73:c6:3d:be:af:
07:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:81:7C:30:34:E3:87:FD:7E:84:1C:E7:55:06:B0:24:05:8F:64:C4
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/LoF8MDTjh_1-hBznVQawJAWPZMQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:79:63:a4:f2:fb:aa:0f:6f:f8:07:d4:b1:11:2d:a9:0f:b6:
87:c4:24:d7:7c:bd:e7:17:c3:b6:d8:9d:4f:3c:0d:f1:c0:b8:
e9:34:e9:34:14:ad:3a:fd:04:ce:56:76:ac:de:08:74:78:d5:
88:be:fc:29:c3:e1:49:5f:91:42:9c:2f:25:2d:15:c1:35:68:
11:69:f7:88:b7:48:56:64:a8:47:2a:4d:c3:eb:bc:f3:41:b6:
14:03:64:fd:2b:9b:59:b0:ed:68:44:26:47:89:ce:21:19:ca:
b0:00:a6:f7:eb:bf:73:25:8f:85:95:91:55:a8:43:5b:4b:87:
0e:ca:32:e6:8d:77:73:3a:0d:94:0a:c8:da:74:05:18:f7:0b:
df:76:ef:f6:d4:30:f6:7a:2e:14:9d:f2:48:34:2d:41:b0:46:
f2:5b:7c:a4:da:7d:0a:30:c0:7e:d3:6a:7a:99:4c:a5:06:d9:
7f:68:58:6e:8b:af:b2:20:36:6d:98:72:fd:ca:b2:f9:7c:4a:
d9:75:a9:4b:80:84:78:1c:63:e4:01:94:12:7d:8f:1b:3f:ba:
64:6a:79:ed:f1:1f:b3:9f:28:b5:0a:f0:8f:72:2b:56:e9:55:
c3:8a:5e:fa:2f:21:57:1d:bf:3a:9e:e1:88:7f:a9:41:c0:2b:
cc:86:70:b5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD2QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEw
MDIyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJFODE3QzMwMzRFMzg3
RkQ3RTg0MUNFNzU1MDZCMDI0MDU4RjY0QzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgVFG5BhYLiA7hUWMKoIOrfoJiXH5PhDzkxqoOWkDiOrOC5tkk
DZbq6/rzlWn8S80BG1GRSWkaQ96vwIuKatBjD1nZ420h/tlRVJW3q4O3lFo0PQ9t
DabCdLvEPXeM7xXIReQ3jfylXUEeOUMT/q0yc3XafBK5xCaXxj2jZJWIKrLFUPqI
HskkJNP0zrCIyP7vqvnJ/rphJDGpNEmdkPrhjEzuTB07T6PM1B4pKFYiytpouJO8
4UgiK2PfbiRFzFaiO/xBIxssHHvLm+5mZf3lTB1OyxINkSo9KdsObAbuVrs9TQ/u
45V8faQHISzHKDTEVilcaGxoM9Fzxj2+rweVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULoF8MDTjh/1+hBznVQawJAWPZMQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0xvRjhNRFRqaF8xLWhC
em5WUWF3SkFXUFpNUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEADXljpPL7qg9v+AfUsREtqQ+2h8Qk13y9
5xfDttidTzwN8cC46TTpNBStOv0EzlZ2rN4IdHjViL78KcPhSV+RQpwvJS0VwTVo
EWn3iLdIVmSoRypNw+u880G2FANk/SubWbDtaEQmR4nOIRnKsACm9+u/cyWPhZWR
VahDW0uHDsoy5o13czoNlArI2nQFGPcL33bv9tQw9nouFJ3ySDQtQbBG8lt8pNp9
CjDAftNqeplMpQbZf2hYbouvsiA2bZhy/cqy+XxK2XWpS4CEeBxj5AGUEn2PGz+6
ZGp57fEfs58otQrwj3IrVulVw4pe+i8hVx2/Op7hiH+pQcArzIZwtQ==
-----END CERTIFICATE-----
Generated at Mon Apr 1 02:13:48 2024 by rpki-client on console-ams.rpki-client.org